Block google chat
-
Hello again,
Is it possible to disable google chat in pfSense but still have a google search enable? I tried to block talkgadget.google.com, chatenabled.mail.google.com, talk.google.com, and talkx.l.google.com using DNS forwarder but still no luck and also tried to block port 5222. Please advice.
Thank you!
-
If you have those domains properly overridden then they should resolve to localhost. Are you sure your clients aren't using their own DNS? Proxy? VPN?
-
This is currently what's in my DNS forwarder and block port 5222 from LAN. Is this correct or am I missing something?
-
You have a host of www for all entries. Do you know for sure that your clients are resolving www.talk.google.com, for example, and not just talk.google.com?
Best practice is to put all your block rules at the top, btw.
-
Should I put http and https on the host? Mine is using https://talkgadget.google.com. Thanks
-
No. That happens after DNS is resolved.
In that example just put talkgadget as the host and google.com as the domain.
-
I got it working I think. Chat in gmail is showing this error "We're having trouble connecting to Google. We'll keep trying…" :D Thank you so much..
Can I also allow selected users to have access to gtalk?
-
If you let select users use alternate DNS, then they could access the service.
-
Can you walk me through on how to do that? :)
-
Create an alias that holds your special users. Add a firewall rule just above your DNS block rule that allows that alias to pass port 53 traffic. Then configure their network DNS clients to also use Google or OpenDNS. I've never had to do this before so I'm guessing my way through.
-
@KOM You're a genius! It works perfectly. Thank you!
-
@KOM You're a genius!
More like a stopped clock is right twice per day ;D
-
I think couldn't. At least I have never succeeded. . .. :(
-